1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-25 15:00:58 +01:00

Allow only CDN routes when using security.alternate-file-domain

Summary:
Instead of allowing all routes based on security.alternate-file-domain, now, when security.alternate-file-domain is set, and the request matches this domain, requests are validated against an explicit list.  Allowed routes:
-  /res/
-  /file/data/
-  /file/xform/
-  /phame/r/

This will be redone by T5702 to be less of a hack.

Test Plan:
- browse around (incl. Phame live) to make sure there is no regression from this when security.alternate-file-domain is not used.
- check that celerity resources and files (incl. previews) are served with security.alternate-file-domain set.
- check that phame live blog is serving its css correctly with security.alternate-file-domain set.
- check that requests outside of the whitelist generate an exception for security.alternate-file-domain

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D10048
This commit is contained in:
Joseph Battelle 2014-07-25 06:40:05 -07:00 committed by epriestley
parent 51b5bf1e67
commit c006cca9b1

View file

@ -113,11 +113,17 @@ abstract class AphrontApplicationConfiguration {
array( array(
$base_uri, $base_uri,
$prod_uri, $prod_uri,
$file_uri,
), ),
$conduit_uris, $conduit_uris,
$allowed_uris); $allowed_uris);
$cdn_routes = array(
'/res/',
'/file/data/',
'/file/xform/',
'/phame/r/',
);
$host_match = false; $host_match = false;
foreach ($uris as $uri) { foreach ($uris as $uri) {
if ($host === id(new PhutilURI($uri))->getDomain()) { if ($host === id(new PhutilURI($uri))->getDomain()) {
@ -126,6 +132,17 @@ abstract class AphrontApplicationConfiguration {
} }
} }
if (!$host_match) {
if ($host === id(new PhutilURI($file_uri))->getDomain()) {
foreach ($cdn_routes as $route) {
if (strncmp($path, $route, strlen($route)) == 0) {
$host_match = true;
break;
}
}
}
}
// NOTE: If the base URI isn't defined yet, don't activate alternate // NOTE: If the base URI isn't defined yet, don't activate alternate
// domains. // domains.
if ($base_uri && !$host_match) { if ($base_uri && !$host_match) {